https://github.com/keystr/keystr-rs

Nostr Keystore
https://github.com/keystr/keystr-rs

nip-26 nip-46 nostr rust

Last synced: 26 days ago
JSON representation

Nostr Keystore

• Host: GitHub
• URL: https://github.com/keystr/keystr-rs
• Owner: keystr
• License: mit
• Created: 2023-02-08T10:40:28.000Z (over 1 year ago)
• Default Branch: main
• Last Pushed: 2023-06-15T20:49:22.000Z (about 1 year ago)
• Last Synced: 2024-02-17T05:34:15.421Z (4 months ago)
• Topics: nip-26, nip-46, nostr, rust
• Language: Rust
• Homepage:
• Size: 277 KB
• Stars: 36
• Watchers: 3
• Forks: 3
• Open Issues: 1
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Lists

• awesome-nostr - keystr-rs - rs?style=social) - An application for managing Nostr keys. Written in Rust, with simple UI (Iced). (Tools / Client reviews and/or comparisons)
• Self-Hosting-Guide - keystr-rs - An application for managing Nostr keys. Written in Rust, with simple UI (Iced). (Install from Source / Nostr)

README

        
# **Keystr**: Nostr Keystore

An application for managing Nostr keys.

Written in Rust, with simple UI (Iced).

## Features

- Safekeeping of keys:

  - Import of keys (secret or public)

  - Save/Load keys (encrypted with password)

- Delegations (NIP-26): Create delegation

- Signer (NIP-46 Nostr Connect) support:

  - connect to a client (handle internal requests (describe, get_public_key))

  - handling incoming sign_event and delegate requests, requiring user confirmation (via a popup)

## Screenshot



## Roadmap

- Android app

- Profile metadata (show, edit)

- FROST support

## Building and Running

- Prerequisite: `rust`, v >= 1.67

- Simply run:  `cargo run`

## User Guide

Short description of available functionalities.

### Key Management

**Keys Overview**

A Nostr identity should be set in the app, that is, a pair of keys: a secret key and corresponding public key.

It is possible to provide only pubkey, in this case signing will not work.

It is possible that no key is set (e.g. after first startup or after clearing the keys).

If an password-encrypted key is loaded from storage, but password is not provided, singing will not work.

**Importing Keys**

- Generate new key pair

- Import a private key (nsec or hex string)

- Import a public key (npub or hex string)

**Saving/Loading Keys**

Secret key can be persisted to disk, in encrypted form.

Encryption can optionally use a password.

Files are stored in local data directory, under `~/.local/share/keystr` in Unix.

When an encrypted password is loaded, it becomes usable only once it is unlocked, using the password used during encryption. (Note: Unlock can happen later after load.)

**Security Setting**

There is a general security setting controlling the security of secret key storage, with following options:

- Never persist security key

- Persist but only with a password-enhanced encryption (The password is needed every time the key is loaded)

- Persist encrypted, with or without a password

### NIP-26 Delegations

It is possible to create a NIP-26 Delegation, to empower a delegatee identity to be able to post events in the name of the loaded identity.

Typical flow, assuming the a key pair is loaded:

- Enter (paste) the npub of the delegatee (typically taken from another Nostr client app)

- Optionally set time range, this can be done using a number of days from now (or using absolute unix timestamps)

- Optionally enter an event type restriction, e.g. 'kind=1'

- Create the delegation. The resulting delegation tag should be copied to the other client app.

### NIP-46 Nostr Connect a.k.a Signer

Keystr can act as a Signer, and sign event for a client.

- Initiate a connection in the client app (to obtain a nostrconnect URI)

- Enter the nostrconnect URI string in Keystr, connect

- Keystr will connect to the relay and listen for signer requests

- For incoming Signing requests it shows a popup for the user, to review and acknowledge (sign) it

### NIP-46 + NIP-26 Signer and Delegation combined

Keystr as a Signer can sign a delegation, simplifying the communication to get the delegation tag to the app.

- Initiate a connection in the client app (to obtain a nostrconnect URI)

- Enter the nostrconnect URI string in Keystr, connect

- From the client app request a delegation (recommended to limit validity to short period, and the kinds to the ones used by the app)

- In Keystr review the request, confirm

- Delegation tag is automatically sent to the client app, the client app can post using it right away

- Later the app can re-request the delegation as the current one expires (may not need to reconnect)

## Running Tests

- `cargo tests`

## Contributing

Create an issue, PR, or discussion.

## License: MIT

## Contact

Nostr: [email protected]  `nostr:npub1kxgpwh80gp79j0chc925srk6rghw0akggduwau8fwdflslh9jvqqd3lecx`

## References

- Status:

  - NIP-26 Delegations Status  https://hackmd.io/fskWGX_XRxG45fMrub8OiA?view

  - NIP-26 Status: https://nip26.lol

- Specs:

  - NIP-26 Delegations Spec https://github.com/nostr-protocol/nips/blob/master/26.md

  - NIP-46 Delegations Spec https://github.com/nostr-protocol/nips/blob/master/46.md

- Tools, clients:

  - Rust-nostr lib  https://github.com/rust-nostr/nostr

  - Nostr Connect demo  https://github.com/catenocrypt/nostr-connect-demo

  - NostrTool, key generation and delegation playground  https://github.com/kdmukai/nostrtool

- General Nostr links:

  - Nostr Protocol definition  https://github.com/nostr-protocol/nostr  protocol

  - Nostr projects  https://github.com/aljazceru/awesome-nostr